可以在keepalived.conf文件中定义的脚本,用以实现某个检测功能;
例:检测/etc/keepalived目录下down文件是否存在,如果存在则优先级减20,如果不存在表示正常
vrrp_script chk {
script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
interval 1
weight -20注:这个脚本的作用是用于维护MASTER,使MASTER手动下线
如何调用上面定义的脚本呢?
在vrrp实例中(vrrp_instance VI_1)加上track_script用于追踪脚本
track_script {
chk
}notify的用法:
notify_master:当当前节点成为master时,通知脚本执行任务(一般用于启动某服务,比如nginx,haproxy等)
notify_backup:当当前节点成为backup时,通知脚本执行任务(一般用于关闭某服务,比如nginx,haproxy等)
notify_fault:当当前节点出现故障,执行的任务;
例:当成为master时启动haproxy,当成为backup时关闭haproxy
notify_master "/etc/keepalived/start_haproxy.sh start"
notify_backup "/etc/keepalived/start_haproxy.sh stop"一个完整的实例:
MASTER:初始priority为100
BACKUP:初始priority为90
模拟MASTER产生故障:
当检测到/etc/keepalived目录下有down文件时,priority减少20,变为80;低于BACKUP的priority;
此时MASTER变成BACKUP,同时执行notify_backup的脚本文件(关闭haproxy);
同时BACKUP变成MASTER,同时执行notify_master的脚本文件(启动haproxy);
模拟MASTER故障恢复:
当删除/etc/keepalived目录下的down文件时,原MASTER的优先级又变为100,高于原BACKUP的priority;
此时原MASTER由BACKUP又抢占成了MASTER,同时执行notify_master的脚本文件(启动haproxy);
同时原BACKUP由MASTER又变了BACKUP,同时执行notify_backup的脚本文件(关闭haproxy);
MASTER的配置:
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk {
script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
interval 1
weight -20
}
vrrp_instance VI_1 {
state MASTER
interface eth1
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.22.245
}
track_script {
chk
}
notify_master "/etc/keepalived/start_haproxy.sh start"
notify_backup "/etc/keepalived/start_haproxy.sh stop"
BACKUP的配置:
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.22.245
}
notify_master "/etc/keepalived/start_haproxy.sh start"
notify_backup "/etc/keepalived/start_haproxy.sh stop"
}
start_haproxy.sh的脚本内容:
#!/bin/bash
case "$1" in
start)
/etc/init .d /haproxy start
;;
stop)
/etc/init .d /haproxy stop
;;
restart)
/etc/init .d /haproxy stop
/etc/init .d /haproxy start
*)
echo "Usage:$0 start|stop|restart"
;;
esac
keepalived检测nginx,当nginx服务不正常时自动降级,当nginx恢复时自动升级:
check_nginx.sh脚本
#!/bin/bash
nmap localhost -p 80 | grep "80/tcp open"
if [ $? - ne 0 ]; then
exit 10
fi
notify.sh脚本:
#!/bin/bash
VIP=$2
sendmail (){
subject= "${VIP}'s server keepalived state is translate"
content= "`date +'%F %T'`: `hostname`'s state change to master"
echo $content | mail -s "$subject" zhengwei.liu@staples.cn
}
case "$1" in
master)
nmap localhost -p 80 | grep "80/tcp open"
if [ $? - ne 0 ]; then
/etc/init .d /nginx start
fi
sendmail
;;
backup)
nginx_psr=` ps -C nginx --no-header | wc -l`
if [ $nginx_psr - ne 0 ]; then
/etc/init .d /nginx stop
fi
;;
*)
echo "Usage:$0 master|backup VIP"
;;
esac
MASTER配置
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id https
}
vrrp_script chk_nginx {
script "/etc/keepalived/check_nginx.sh"
interval 1
weight -20
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 54
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.16.8.19 /25
}
track_script {
chk_nginx
}
notify_master "/etc/keepalived/notify.sh master 172.16.8.19"
notify_backup "/etc/keepalived/notify.sh backup 172.16.8.19"
}
BACKUP配置:
backup无需检测nginx是否正常,默认nginx是未启动的,当升级为MASTER时启动nginx,当降级为BACKUP时关闭
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id https
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 54
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.16.8.19 /25
}
notify_master "/etc/keepalived/notify.sh master 172.16.8.19"
notify_backup "/etc/keepalived/notify.sh backup 172.16.8.19"
}
